REMARKS 



[0001] Applicant respectfully requests entry of the following remarks and 
reconsideration of the subject application. Applicant respectfully requests entry of 
the amendments herein. The remarks and amendments should be entered under 
37 CFR. § 1.116 as they place the application in better form for appeal, or for 
resolution on the merits. 

[0002] Applicant respectfully requests reconsideration and allowance of all 
of the claims of the application. Claims 1-5, 8, 10-11, 13-14, 17-21, 24, 26-27, 
29-30, 22-25, and 37-43 are presently pending. Claims amended herein are 1-2, 
8, 10-11, 13-14, 17-18, 24, 26-27, 29-30, 33, and 37. Claims withdrawn or 
cancelled herein are 6-7, 9, 12, 15-16, 22-23, 25, 28, 21-32, and 44-48. 

Formal Request for an Interview 

[0003] If the Examiner's reply to this communication is anything other than 
allowance of all pending claims, then I formally request an interview with the 
Examiner. I encourage the Examiner to call me— the undersigned representative 
for the Applicant—so that we can discuss this matter so as to resolve any 
outstanding issues quickly and efficiently over the phone. 

[0004] Please contact me to schedule a date and time for a telephone 
interview that is most convenient for both of us. While email works great for me, 
I welcome your call as well. My contact information may be found on the last 
page of this response. 
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Claim Amendments 

[0005] Without conceding the propriety of the rejections herein and in the 
interest of expediting prosecution, Applicant amends claims 6-7, 9, 12, 15-16, 22- 
23, 25, 28, 21-32, and 44-48 herein. Applicant amends claims to clarify claimed 
features. Such amendments are made to expedite prosecution and to more 
quickly identify allowable subject matter. Such amendments are merely intended 
to clarify the claimed features, and should not be construed as further limiting 
the claimed invention in response to the cited references. 
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Substantive Matters 

Claim Rejections under S 102 and 5 103 

[0006] Examiner rejects claims 1, 2, 4-11, 13-18, 20-27, 29-33, 35-39 and 
41-48 under § 102. For the reasons set forth beiow, the Examiner has not 
shown that the cited reference anticipates the rejected claims. 

[0007] In addition, the Examiner rejects claims 3, 12, 19, 28, 34 and 40 
under § 103. For the reasons set forth below, the Examiner has not made a 
prima facie case showing that the rejected claims are obvious. 

[0008] Accordingly, Applicant respectfully requests that the § 102 and § 103 
rejections be withdrawn and the case be passed along to issuance. 

[0009] The Examiner's rejections are based upon the following references 
alone and/or in combination: 

• Gong: Gong, US Patent No. 6,044,467 (issued March 28, 2000); 
and 

• Lao: Lao, eta/., US Patent Publication No. 2003/0220880 (Published 
November 27, 2003). 
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Overview of the Application 

[0010] The Application describes a technology for evidence-based 
application security implemented at the application and/or application group 
levels. A manifest may be provided defining at least one trust condition for the 
application or application group. A policy manager evaluates application evidence 
(e.g., an XrML license) for an application or group of applications relative to the 
manifest. The application is only granted permissions on the computer system if 
the application evidence indicates that the application is trusted. Similarly, a 
group of applications are only granted permissions on the computer system if the 
evidence indicates that the group of applications is trusted. If the application 
evidence satisfies the at least one trust condition defined by the manifest, the 
policy manager generates a permission grant set for each code assembly that is 
a member of the at least one application. Evidence may be further evaluated for 
code assemblies that are members of the trusted application or application group 

Cited References 

[0011] The Examiner cites Gong as the primary reference in the 
anticipation- and obviousness-based rejections. The Examiner cites Lao as a 
secondary reference in the obviousness-based rejections. 



Gong 

[0012] Gong describes a technology for providing security in a computer 
system. When code associated with an object class must be loaded, a search for 
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the code is performed, inspecting locations in predetermined sequence, where 
the sequence ensures that untrusted code can not be loaded in place of trusted 
code. The sequence of locations may include locations specified by a user as well 
as locations specified by a default pathway. If the class is found and the class 
has not been loaded, the class is loaded and a set of permissions is associated 
with the class based on a predetermined mapping of code sources to 
permissions. 

Lao 

[0013] Lao describes a technology for controlling consumption of a 
distributed network service in accordance with rights expression information 
associated with the distributed network service and specifying a manner of use 
of the distributed network service, including determining the rights expression 
information associated with the distributed network service, the rights expression 
information indicating a manner of use of the distributed network service; and 
controlling consumption of the distributed network service based on the rights 
expression information. 
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Anticipation Rejections 



[0014] Applicant submits that the anticipation rejections are not valid 
because, for each rejected claim, no single reference discloses each and every 
element of that rejected claim. 1 Furthermore, the elements disclosed in the 
single reference are not arranged in the manner recited by each rejected claim. 2 



Based upon Gong 

[0015] The Examiner rejects claims 1, 2, 4-11, 13-18, 20-27, 29-33, 35-39 
and 41-48 under 35 U.S.C. § 102(e) as being anticipated by Gong. Applicant 
respectfully traverses this rejection. Based on the reasons given below, Applicant 
asks the Examiner to withdraw the rejection of these claims. 



Independent Claim 1 

[0016] The Examiner indicates (Action, pages 6-7) the following with regard 
to claim 1: 



1 "A claim is anticipated oniy if each and every element as set forth in the claim is found, either expressly or 
inherently described, in a single prior art reference." Verdegaal Bros. v. Union Oil Co. of California, 814 F.2d 628, 
631, 2 USPQ2d 1051, 1053 (Fed. Cir. 1987); also see MPEP §2131. 

2 See In re Bond, 910 F.2d 831, 15 USPQ2d 1566 (Fed. Cir. 1990) 
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2. Claims 1,2,4-11,13-18, 20-27, 29-33, 35-39, 41-48 are rejected under 35 
U.S.C. 102(e) as being anticipated by Gong, US Patent No. 6,044,467 (hereinafter 
Gong). 



Referring to claims 1,2,6, 7, 17, 22-23, 33 and 44, Gong teaches a computer 
program product, a system, a computer-readable medium and a method comprising: 

receiving a manifest defining a plurality of code assemblies that are members of 
at least one application, wherein the manifest defines at least one trusted application 
and application evidence for making a trusted decision [6:31-36; 7:20-8:59 and figs. 

2A-2B; Public cryptographic keys and digital signatures corresponding to application 
evidence and class is corresponding to a manifest]; 

evaluating the application evidence to determine if the at least on application is 
trusted [3:27-29; 6:39-43; 7:20-8:59]; and 

generating a permission grant set for each code assembly that is a member of 
the at least one application if the application evidence satisfies at least one condition for 
trusting the at feast one application [6:45-50]; and 

passing the permission grant to a run-time call stack [12:16-33; 14:66-67 and 
fig. 2BJ. 

[0017] Claim 1, as amended, recites a method comprising, inter alia, 
receiving a manifest defining first and second code assemblies that are members 
of at least one application, wherein the manifest defines at least one trusted 
application and application evidence for making a trust decision; evaluating the 
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application evidence to determine if the at least one application is trusted; 
generating a first and a second permission grant set for the first and the second 
code assembly, respectively, that are members of the at least one application if 
the application evidence satisfies at least one condition for trusting the at least 
one application; passing the permission grant to a run-time call stack; calling the 
second code assembly by the first code assembly, the second code assembly 
attempting access of a protected file; and calculating an intersection of the first 
and the second permission grant sets to determine whether the access to the 
protected file is permitted. 

[0018] Gong does not disclose or show generating a first and a second 
permission grant set for the first and the second code assembly 
[emphasis added], respectively, that are members of the at least one application 
if the application evidence satisfies at least one condition for trusting the at least 
one application; passing the permission grant to a run-time call stack; calling 
the second code assembly by the first code assembly, the second code 
assembly attempting access of a protected file; and calculating an 
intersection of the first and the second permission grant sets to 
determine whether the access to the protected file is permitted 
[emphasis added]." 

[0019] Instead, Gong merely shows having a class that may be "associated 
with the digital signature associated with the file used to transport code defining 
the class" or "the class definition of the class may be specifically associated with 
a digital signature." See column 8, lines 9-12. If a class cannot be verified or the 
class is not associated with a digital signature, "the class is referred to as being 

Serial No.: 10/705,756 

Atty Docket No.: MS1-18D9US -21- lee@haVeS The Business of IP 1 " 

Atty/Agent: Michael D. Carter ^i-c^cam so^ss 



unsigned." See column 8, lines 15-18. The Applicant's invention, however, show 
calculating an intersection of differing permission grant sets to determine access 
to protected files. Thus, it is believed that Gong does not disclose or show this 
element of claim 1, as amended. Consequently, Gong does not disclose all of the 
elements and features of this claim. Accordingly, Applicant asks the Examiner to 
withdraw the rejection of this claim. 



Independent Claim 16 

[0020] Claim 16, as amended, recites a computer program product 
encoding a computer program for executing on a computer system a computer 
process, the computer process comprising, inter alia, receiving a manifest 
defining first and second code assemblies that are members of at least one 
application, wherein the manifest defines at least one trusted application and 
application evidence for making a trust decision; evaluating the application 
evidence to determine if the at least one application is trusted; generating a first 
and a second permission grant set for the first and the second code assembly, 
respectively, that are members of the at least one application if the application 
evidence satisfies at least one condition for trusting the at least one application; 
passing the permission grant to a run-time call stack; calling the second code 
assembly by the first code assembly, the second code assembly attempting 
access of a protected file; and calculating an intersection of the first and the 
second permission grant sets to determine whether the access to the protected 
file is permitted. 
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[0021] Applicant respectfully contends that the arguments set forth above 
with respect to independent claim 1, as amended, applies with equal weight here 
and Gong does not disclose all of the claimed elements and features of 
independent claim 17, as amended. Accordingly, Applicant asks the Examiner to 
withdraw the rejection of this claim. 



Independent Claim 33 

[0022] Claim 33, as amended recites a system comprising, inter alia, a 
manifest defining first and second code assemblies that are members of at least 
one application; application evidence to determine whether the at least one 
application is trusted; a loader to load the first and the second code assemblies 
into a run-time call stack, with the first code assembly calling the second code 
assembly, the second code assembly attempting access of a protected file; and a 
policy manager to evaluate the application evidence relative to at least one 
condition, wherein the policy manager generates a first and second permission 
grant set for the first and the second code assembly, respectively, that are 
members of the at least one application if the application evidence satisfies the 
at least one condition specified in a security policy specification for trusting the 
at least one application, wherein the security policy specification defines multiple 
policy levels, and wherein permissions are granted on a computer system based 
on the permission grant set, the policy manager further calculating an 
intersection of the first and the second permission grant sets to determine 
whether the access to the protected file is permitted. 
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[0023] Applicant respectfully contends that the arguments set forth above 
with respect to independent claim 1, as amended, applies with equal weight here 
and Gong does not disclose all of the claimed elements and features of 
independent claim 33, as amended. Accordingly, Applicant asks the Examiner to 
withdraw the rejection of this claim. 



Serial No.: 10/705,756 

Atty Docket No.: MS1-1809US "24- lee^hayeS The Business or IP 1 " 

Atty/Agent: Michael D. Carter batons am sm^w^n 



Obviousness Rejections 

Lack of Prima Facie Case of Obviousness ( MPEP S 2142} 

[0024] Applicant disagrees with the Examiner's obviousness rejections. 
Arguments presented herein point to various aspects of the record to 
demonstrate that all of the criteria set forth for making a prima facie case have 
not been met. 



Based upon Gong in view of Lao 

[0025] The Examiner rejects claims 3, 12, 19, 28, 34 and 40 under 35 
U.S.C. § 103(a) as being unpatentable over Gong in view of Lao. Applicant 
respectfully contends that the remaining cited art does not overcome the 
deficiencies of Gong. Applicant asks the Examiner to withdraw the rejection of 
these claims. 

Dependent Claims 

[0026] In addition to its own merits, each dependent claim is allowable for 
the same reasons that its base claim is allowable. Applicant requests that the 
Examiner withdraw the rejection of each dependent claim where its base claim is 
allowable. 
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Conclusion 



[0027] All pending claims are in condition for allowance. Applicant 
respectfully requests reconsideration and prompt issuance of the application. If 
any issues remain that prevent issuance of this application, the Examiner is 
urged to contact me before issuing a subsequent Action . Please call or 
email me at your convenience. 



Respectfully Submitted, 

Lee & Hayes, PLLC 
Representatives for Applicant 

JMichael D. Carter/ Dated: /Sept. 22, 2008/ 

Michael D. Carter (michaelcarter@leehayes.com; 512-505-8164) 
Registration No. 56661 

Emmanuel Rivera f emmanuei@leehayes.com ; 512-505-8162) 
Registration No. 45760 
Customer No. 22801 

Telephone: (509) 324-9256 
Facsimile: (509) 323-8979 
www.leehaves.com 
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